Remarks 



Claim Numbering. 

The only change made to the claims over those previously presented is the 
renumbering of claims 44 to 46 as 45 to 47. Applicant is grateful to the Examiner 
for highlighting Applicant's oversight in respect of claim numbering when 
previously presenting said claims. 

35 U.S.C. 103fa^ 

It is noted that the Examiner now rejects the claims under 35 USC §1 03(a) on a 
new combination of references, namely the combination of Forslow et al 
(US2002/0 133534), Donovan (US2002/0057786) and newly cited reference 
Daude et al (US2004/0088542). 

The present invention makes a useful contribution to the art over the combination 
of Forslow (US2002/0 133534), Donovan (US2002/0057786) and Daude 
(US2004/0088542) in that only a single VPN gateway need be provided between 
the first and second data networks and for the other reasons discussed at page 5, 
lines 2 to 11 of the specification as filed. Contrast this with Forslow where is it 
clearfy taught that each home agent 1 is dedicated to one mobile virtual private 
network 'M-VPN" (abstract). Furthermore, each home agent uses public IP 
addresses (paragraph 104) rather than the address space of its respective M- 
VPN. As such, Forslow is in some ways representative of the prior art system 
discussed in the present application with respect to figure 2 and exhibits much the 
same disadvantages as discussed in the specification at page 3, line 12 to page 4, 
line 22. 

There is nothing in the disclosures of Donovan and Daude that would lead one of 
ordinary skill to go against the teaching of Forslow where each home agent 1 is 
dedicated to one mobile virtual pri vate network 'M-VPN' and each home agent 
uses public IP addresses . The Examiner has substantially repeated his 
submission in respect of the combination of Forslow and Donovan that was 
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presented in the Office Action of September 26, 2007. However, this submission 
does not address this important issue. Therefore the Applicant would appreciate 
the Examiner's reasoning as to why one skilled in the art would set aside what 
Forslow so clearly teaches in this respect. 

Furthermore, one skilled in the art would not seriously contemplate combining 
these three references nor could such a combination lead to the claimed 
arrangement for the following reasons. 

The Examiner acknowledges that Forslow is deficient in not teaching or 
suggesting the feature of claim 20 of the second data network using a network 
addressing scheme that is different to a network addressing scheme used by at 
ieast one of said piuraiity of VPNs and in not teaching the feature that the VPN 
media proxy is configured to pass information from a source address in said at 
feast one of said piuraiity of VPNs to a destination address in said second data 
network, the VPN media proxy having an address translator arranged to translate 
the destination address of the information in accordance with the network 
addressing scheme of the second data network, and to send the information 
towards the translated destination address in the second data network. 

The Examiner is, however, of the view that such features are taught by Donovan 
and that it would have been obvious for one of ordinary skill in the art to modify 
Forslow to apply such features. 

Furthermore, the Examiner acknowledges that the combination of Forslow and 
Donovan is deficient in not teaching or suggesting the feature of claim 20 that the 
claimed arrangement includes a VPN gateway having a VPN media proxy 
interfacing the first and second data networks, the VPN gateway being shared by 
said piuraiity of VPNs and providing a piuraiity of virtuat routing functions, 
respective ones of said piuraiity of virtual routing functions being connected to 
respective ones of said piuraiity of VPNs such that each virtual routing function is 
in the address space of a respective one of said plurality of VPNs. 
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However, the Examiner is of the view that this feature is taught by Daude and that 
it would have been obvious for one of ordinary skill in the art to modify the 
combined teachings of Forslow and Donovan to apply such feature. 

Forslow teaches that the home agent 1 interfaces the access network 9 (first data 
network) with the Internet 6 (the second data network). Forslow clearly and 
unambiguously teaches that each virtual home agent 1a, 1b has a public IP 
address (paragraph 0104, abstract). It equally clearly teaches that the foreign 
agent 2a has a public IP address (paragraph 0107, abstract). Furthermore, it 
teaches that the mobile service manager 7 is given a public IP address in order 
that it has an address that is unique across the two mobile VPN realms which use 
overlapping private address realms (paragraph 0107). This is also the reason 
why the foreign agent 2a and the virtual home agents 1a, 1b are given public IP 
addresses. 

In any event, the fact that the foreign agent 2a has a public IP address means that 
data being transmitted from either of the mobile nodes 3a, 3b towards the access 
network 9 (first data network) must have the private realm addresses of their 
respective mobile node 3a, 3b translated to a public IP address at an ingress to or 
at some point in the network before reaching the foreign agent 2a. The foreign 
agent 2a having a public IP address simply routes the received data to the 
appropriate home agent 1a, b using the public address realm (i.e. public IP 
address realm) that is common to said foreign agent 2a and each of said home 
agents 1a, 1b and indeed which is also shared with the 'second data network' 
being the Internet 6. Consequently, one skilled in the art would not seriously 
contemplate modifying the system of Forslow to change it in the manner 
suggested by the Examiner. This is because the second data network (the 
internet 6) employs the same public IP address realm as the foreign agent 2a and 
the home agents 1a, 1b and thus no network address translation is necessary at 
the virtual home agents 1a, 1b. In fact, no network addressing translation is 
needed for data being transmitted from said mobile nodes 3a, 3b anywhere in the 
network after the foreign agent 2a. 
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To modify Forslow in the manner suggested would require taking data that has 
had its private realm address translated to a public IP address for ingress to the 
foreign agent 2a and translating said public IP address back to a private realm 
address in order for it to be then translated back to a public IP address for ingress 
to one of the virtual home agents 1a, 1b which are in the public IP address realm. 
This is logically incoherent and simply would not be seriously considered by one 
skilled in the art. 

Furthermore, it follows from the fact that the foreign agent 2a, virtual home agents 
1a, 1b and the second data network (the Internet 6) as taught by Forslow all share 
the public IP address realm, that one skilled in the art would never contemplate 
modifying Forslow such that each virtual home agent 1a, 1b is placed in the 
private address space/realm of its respective mobile node 3a, 3b. To make such 
a modification would then require the insertion of two additional layers of network 
address translation to overcome the effect of making this change. There is no 
plausible reason why one skilled in the art would break the system of Forslow to 
make this change and then have to apply additional network address translation 
means to fix it, all for no net gain. 

For the reasons stated, the combination of Forslow, Donovan and Daude cannot 
result in the following important aspects of the invention as defined by claim 20, to 
whit the arrangement has "a VPN gateway having a VPN media proxy interfacing 
the first and second data networks, the VPN gateway being shared by said 
plurality of VPNs and providing a plurality of virtual routing functions, respective 
ones of said plurality of virtual routing functions being connected to respective 
ones of said plurality of VPNs such that each virtual routing function is in the 
address space of a respective one of said plurality of VPNs , wherein the VPN 
media proxy is configured to pass information from a source address in said at 
least one of said plurality of VPNs to a destination address in said second data 
network, the VPN media proxy having an address translator arranged to translate 
the destination address of the information in accordance with the network 
addressing scheme of the second data network, and to send the information 
towards the translated destination address in the second data network " (emphasis 
added). 
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In respect of claim 21, Forslow does not teach the need for network address 
translation at any of the virtual home agents 1a, 1b and one skilled in the art 
would not be motivated to apply network address translation at the virtual home 
agents 1a, 1 b for the reasons already stated. 

In respect of claim 22 which defines the second data network is a carrier data 
network having a private IP network addressing scheme, it can be clearly seen in 
Forslow that the second data network is the Internet having, of course, a public IP 
network addressing scheme. 

In respect of claim 24, there is no teaching or suggestion in any of Forslow, 
Donovan or Daude of providing a carrier data network interfacing the public data 
network to a switched telephone network STN' via a trunk gateway whose carrier 
data network IP address is the destination address for information being 
transmitted from a source address in any of the VPNs to a destination address in 
the carrier data network. 

Consequently, the amended claims submitted herewith are believed to define an 
invention which is not rendered obvious by the combination of Forslow, Donovan 
and Daude. 

Favorable reconsideration is solicited. 

April n , 2008 Respectfully submitted, ^ 
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